# 



DOCKET NO.: MSFT-0107/127334.7 
Application No.: 09/482,928 
Office Action Dated: May 27, 2003 



PATENT 




This listing of claims will replace all prior versions, and listings, of claims in the application. 
Listing of Claims: 

1-105. (Canceled) 

106. (Currently Amended) A method for a device to interd^endently 
validate: 

a digital content package having a piece of digital content in an eijefrypted form; and 
a corresponding digital license for rendering the digital content, 
the method comprising: 

deriving a first key from a pre-determii^d source available to the 

device ; 

obtaining a first digital signature/from the digital content package; 
applying the first key to the f^rst digital signature to validate the first 
digital signature and the digital content packaged 

deriving a second key from a certificate corresponding to based on the 

first digital signature; 

obtaining a second digital signature from the license; and 
applying the Second key to the second digital signature to validate the 
second digital signature and the license. 

107. (Currently Amended) The method of claim 106 wherein deriving the 
first key comprises: 

obtaining a first encrypted key from the license; 
applying a pre-determined key available to the device to the first 
encrypted key to ^fecrypt the first encrypted key; 

obtaining a second encrypted key from the digital content; and 
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applying the decrypted first encrypted key to the second encrypted key 
to produce the first key. / 

108. (Original) The method of claim 107 wherein the encrypted digital 
content is decryptable according to a decryption key (KD), and wherein the first encrypted 
key is the decryption key (KD) encrypted with the device public key (PU-D) (i.e.,(PU-D 
(KD))). / 

109. (Original) The method oy claim 107 wherein the device has a 
public key (PU-D) and a private key (PR-D), and wherein the key available to the device is 
(PR-D). / 

110. (Original) The method of claim 107 wherein the encrypted digital 
content is decryptable according to a decryption key (KD) 5 wherein the digital content 
package is provided by a content provider haying a public key (PU-C) and a private key (PR- 
C), and wherein the second encrypted key is/the content provider public key (PU-C) 
encrypted with the decryption key (KD) (i.rf., KD (PU-C)). 

111. (Currently Amended) The method of claim 107 wherein the s econd 
encrypted key is the basis for the first digital signature is based on the second encrypted key . 

112. (Original) The method of claim 106 wherein deriving the second 
key comprises: / 

obtaining a signed certificate from the license, the signed certificate 
having contents therein; and / 

applying the first key to the signature of the signed certificate to 
produce the contents of the certificate and also to validate the signature. 
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113. (Original) The method of cjlaim 112 wherein the digital license is 
provided by a license provider having a public key (PU-L) and a private key (PR-L), and 
wherein the contents of the certificate is (PU-L). / 

114. (Original) The methodyof claim 113 wherein the digital content 
package is provided by a content provider having a public key (PU-C) and a private key (PR- 
C), and wherein the signed certificate is a certificate containing the license provider public 
key (PU-L) and signed by the content provider/private key (PR-C) (i.e., (CERT (PU-L) S 
(PR-C))). / 

115. (Original) The method of claim 113 wherein the digital content 
package is provided by a content provider authorized by a root source to provide the package, 
wherein the root source has a public key (PU-R) and a private key (PR-R) and wherein the 
signed certificate is a certificate containing the license provider public key (PU-L) and signed 
by the root source private key (PR-R) (i. J, (CERT (PU-L) S (PR-R))). 

116. (Original) The method of claim 106 wherein the digital content 
package is provided by a content provider having a public key (PU-C) and a private key (PR- 
C), and wherein the first key is (PU-C). 

117. (Original) The method of claim 116 wherein the encrypted digital 
content is decryptable according to a/ decryption key (KD), and wherein the first digital 
signature is based on the content provider public key (PU-C) encrypted with the decryption 
key (KD) and is signed by the content provider private key (PR-C) (i.e., (KD (PU-C) S (PR- 
Q)). / 

118. (Original)/ The method of claim 117 wherein deriving (PU-C) 
comprises: / 
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deriving (KD) from a source available to the device; 
applying (KD) to (KD (PU-Cfl S (PR-C)) to produce (PU-C). 

119. (Original) The method of claim 118 wherein the device has a 
public key (PU-D) and a private key (PR-D), whdrein the license has the decryption key (KD) 
encrypted with the device public key (PU-D) (i.e.,(PU-D (KD))), and wherein deriving (KD) 
comprises: / 

obtaining (PU-D (KD)) from the license; 
applying (PR-D) to (PU-D (KD)) to produce (KD). 

120. (Original) The mefthod of claim 119 wherein the license has a 
license rights description specifying terms and conditions that must be satisfied before the 
digital content may be rendered, the license rights description being encrypted with the 
decryption key (KD) (i.e., (KD (DRL))), ttie method further comprising applying (KD) to 
(KD(DRL)) to obtain the license terms and conditions. 

121 . (Original) The method of claim 119 wherein the license has a 
license rights description specifying terms and conditions that must be satisfied before the 
digital content may be rendered, the method further comprising: 

evaluating the/license terms and conditions to determine whether the 
digital content is permitted to be rendered in the manner sought; 

if so, applying (KD) to the encrypted digital content to decrypt such 
encrypted digital content; and / 

rendering /the decrypted digital content. 

122. (Original/) The method of claim 116 wherein the encrypted digital 
content package is provided by a content provider authorized by a root source to provide the 
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package, wherein the root source has a public key (PU-R) and a private key (PR-R) and 
wherein the first digital signature is a signed certificate contaimng the content provider public 
key (PU-C) and signed by the root source private key (PR-1^0 (i.e., (CERT (PU-C) S (PR- 
R))). 

123. (Original) The method of cl^im 106 wherein the digital license is 
provided by a license provider having a public key (J^U-L) and a private key (PR-L), and 
wherein the second key is (PU-L). 

124. (Original) The method of claim 123 wherein the second digital 
signature is a digital signature encrypted with )4ie license provider private key (i.e., (S (PR- 
L))). 

125. (Original) The rftethod of claim 124 wherein the digital content 
package is provided by a content provider having a public key (PU-C) and a private key (PR- 
C), wherein the license has a certificate containing the license provider public key (PU-L) 
and signed by the content provider private key (PR-C) (i.e., (CERT (PU-L) S (PR-C))), and 
wherein deriving (PU-L) comprises: 

deriving (BU-C) from a source available to the device; 
obtaining/(CERT (PU-L) S (PR-C)) from the license; and 
applying (PU-C) to (CERT (PU-L) S (PR-C)) to validate (CERT (PU- 
L) S (PR-C)), to produce (PU-L) and also to validate the content provider. 

126. (Original) The method of claim 125 wherein the encrypted digital 
content is decryptable according to a decryption key (KD), wherein the first digital signature 
is based on the content provider public key (PU-C) encrypted with the decryption key (KD) 
and is signed by the con/ent provider private key (PR-C) (i.e., (KD (PU-C) S (PR-C))), and 
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wherein deriving (PU-C) comprises: 

deriving (KD) from a source availalzfle to the device; 
applying (KD) to (KD (PU-C) S/PR-C)) to produce (PU-C). 

127. (Original) The method of^laim 126 wherein the device has a 
public key (PU-D) and a private key (PR-D), whe/ein the license has the decryption key (KD) 
encrypted with the device public key (PU-D) (yfe.,(PU-D (KD))), and wherein deriving (KD) 
comprises: 

obtaining (PU-D (K£>)) from the license; 
applying (PR-D) tb (PU-D (KD)) to produce (KD). 

128. (Original) The method of claim 127 wherein the license has a 
license rights description specifying/terms and conditions that must be satisfied before the 
digital content may be rendered, tMe license rights description being encrypted with the 
decryption key (KD) (i.e., (KD j^DRL))), the method further comprising applying (KD) to 
(KD(DRL)) to obtain the license terms and conditions. 

129. (Original) The method of claim 127 wherein the license has a 
license rights description specifying terms and conditions that must be satisfied before the 
digital content may be rendered, the method further comprising: 

/evaluating the license terms and conditions to determine whether the 
digital content is pei^biitted to be rendered in the manner sought; 

if so, applying (KD) to the encrypted digital content to decrypt such 
encrypted digital/content; and 

rendering the decrypted digital content. 
f 130. (Original) A method for a device to interdependently validate a 
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piece of digital content and a corresponding digital license for rendering the digital content, 
the digital content being encrypted, the encrypted digital content being decryptable according 
to a decryption key (KD) and being packaged in a digital content package, the digital content 
package being provided by a content provider having a public key (PU-C) and a private key 
(PR-C), the digital license being provided by a license provider having a public key (PU-L) 
and a private key (PR-L), the device having a publ/c key (PU-D) and a private key (PR-D), 
the digital content package comprising: 
the encrypted digital content; and 

the content provider public key (PU-C) encrypted with the decryption key (KD) and 
signed by the content provider private ke/ (PR-C) (i.e., (KD (PU-C) S (PR-C))); 
the digital license comprising 

the decryption key 0<X>) encrypted with the device public key (PU-D) 

(i.e.,(PU-D (KD))); 

a digital signature from the license provider (without any attached 
certificate) based on (KD (DRL)) ancy (PU-D (KD)) and encrypted with the license provider 
private key (i.e., (S (PR-L))); and 

a certificate/containing the license provider public key (PU-L) and 
signed by the content provider private key (PR-C) (i.e., (CERT (PU-L) S (PR-C))); 
the method comprising: 

obtaining (PU-D (KD)) from the license; 
applying (PR-D) to (PU-D (KD)) to produce (KD); 
obtaining (KD (PU-C) S (PR-C)) from the digital content package; 
apply/ng (KD) to (KD (PU-C) S (PR-C)) to produce (PU-C); 
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applying (PU-C) to (S (PR-C)) to/validate (KD (PU-C) S (PR-C)), 
thereby validating the digital content package; / 

obtaining (CERT (PU-L) S (PR-C)) from the license; 

applying (PU-C) to (CERT fiPU-L) S (PR-C)) to validate (CERT (PU- 
L) S (PR-C)), thereby validating the content provMer, and also to obtain (PU-L); 

obtaining (S (PR-L)) froni the license; and 

applying (PU-L) to (S (PR-L)), thereby validating the license. 

131. (Original) The memod of claim 130 wherein the digital content 
package further comprises a content / package ID identifying one of the digital content and 
the digital content package, and wherein tMe license further comprises the content / package 
ID of the corresponding digital content / fligital content package, the method further 
comprising ensuring that the content / package ID of the license in fact corresponds to the 
content / package ID of the digital coment / digital content package. 

132. (Original) /The method of claim 130 wherein the license further 
comprises a license rights description (DRL) specifying terms and conditions that must be 
satisfied before the digital content may be rendered, the method further comprising; 

evaluating the license terms and conditions to determine whether the 
digital content is permitted to be/rendered in the manner sought; 

if so, applying (KD) to the encrypted digital content to decrypt such 
encrypted digital content; and / 

rendering the decrypted digital content. 

133. (Original) The method of claim 132 wherein the license rights 
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description is encrypted with the decryption key (KD) (i.e., (KIJ(DRL))), the method further 
comprising applying (KD) to (KD (DRL)) to obtain the license terms and conditions. 

134. (Currently Amended) A computer-readable medium having computer- 
executable instructions for performing a method for a device to interdependently validate: 

a digital content package having a piece of digital content in an encrypted form; and 
a corresponding digital license for rendering the digi/fal content, 
the method comprising: / 

deriving a first key from a pre-determined source available to the 

device ; / 

obtaining a first digital signature from the digital content package; 

applying the first key to the first digital signature to validate the first 
digital signature and the digital content package; 

deriving a second key from a certificate corresponding to ba s ed on the 
first digital signature; / 

obtaining a second aigital signature from the license; and 

applying the second key to the second digital signature to validate the 
second digital signature and the license. 

135. (Currently Amended) The method of claim [[133]] 134 wherein 
deriving the first key comprises: / 

obtaining af first encrypted key from the license; 
applying a pre-determined key available to the device to the first 
encrypted key to decrypt the first encrypted key; 

obtaining a second encrypted key from the digital content; and 
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applying the decrypted first encrypted key to the second encrypted key 
to produce the first key. / 

136. (Original) The method of claim 135 wherein the encrypted digital 
content is decryptable according to a decryption key (EX>), and wherein the first encrypted 
key is the decryption key (KD) encrypted with the device public key (PU-D) (i.e.,(PU-D 
(KD))). / 

137. (Original) The method of claim 135 wherein the device has a 
public key (PU-D) and a private key (PR-D), andr wherein the key available to the device is 
(PR-D). / 

138. (Original) The metnod of claim 135 wherein the encrypted digital 
content is decryptable according to a decryption key (KD), wherein the digital content 
package is provided by a content provider having a public key (PU-C) and a private key (PR- 
C), and wherein the second encrypted key is the content provider public key (PU-C) 
encrypted with the decryption key (KDHi.e., KD (PU-C)). 

139. (Currently Amended) The method of claim 135 wherein the second 
encrypted key is the basis for the first digital signature is based on the second encrypted key . 

140. (Original) / The method of claim 134 wherein deriving the second 
key comprises: / 

obtaining k signed certificate from the license, the signed certificate 
having contents therein; and / 

applying the first key to the signature of the signed certificate to 
produce the contents of the certificate and also to validate the signature. 
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141 . (Original) The method of claiiVl40 wherein the digital license is 
provided by a license provider having a public key (PU/L) and a private key (PR-L), and 
wherein the contents of the certificate is (PU-L). / 

142. (Original) The method off claim 141 wherein the digital content 
package is provided by a content provider having a public key (PU-C) and a private key (PR- 
C), and wherein the signed certificate is a certificate containing the license provider public 
key (PU-L) and signed by the content provider private key (PR-C) (i.e., (CERT (PU-L) S 
(PR-C))). / 

143. (Original) The method of claim 141 wherein the digital content 
package is provided by a content provider authorized by a root source to provide the package, 
wherein the root source has a publior key (PU-R) and a private key (PR-R) and wherein the 
signed certificate is a certificate containing the license provider public key (PU-L) and signed 
by the root source private key rPR-R) (i.e., (CERT (PU-L) S (PR-R))). 

144. (Origii/al) The method of claim 134 wherein the digital content 
package is provided by a content provider having a public key (PU-C) and a private key (PR- 
C), and wherein the first/Key is (PU-C). 

145. /Original) The method of claim 144 wherein the encrypted digital 
content is decryptahje according to a decryption key (KD), and wherein the first digital 
signature is basec^on the content provider public key (PU-C) encrypted with the decryption 
key (KD) and is/signed by the content provider private key (PR-C) (i.e., (KD (PU-C) S (PR- 
C))). / 

/ 146. (Original) The method of claim 145 wherein deriving (PU-C) 

comprises:/ 
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deriving (KD) from a source available toythe device; 
applying (KD) to (KD (PU-C) S (PR-CJ) to produce (PU-C). 

147. (Original) The method of claim /46 wherein the device has a 
public key (PU-D) and a private key (PR-D), wherein ther license has the decryption key (KD) 
encrypted with the device public key (PU-D) (i.e.,(PUvD (KD))), and wherein deriving (KD) 
comprises: / 

obtaining (PU-D (KD)) fiWn the license; 
applying (PR-D) to (PU-£> (KD)) to produce (KD). 

148. (Original) The method of claim 147 wherein the license has a 
license rights description specifying terms/and conditions that must be satisfied before the 
digital content may be rendered, the license rights description being encrypted with the 
decryption key (KD) (i.e., (KD (DRL>)), the method further comprising applying (KD) to 
(KD(DRL)) to obtain the license terms and conditions. 

149. (Original) / The method of claim 147 wherein the license has a 
license rights description specifying terms and conditions that must be satisfied before the 
digital content may be rendered, the method further comprising: 

evaluating the license terms and conditions to determine whether the 
digital content is permittee to be rendered in the manner sought; 

iyso, applying (KD) to the encrypted digital content to decrypt such 
encrypted digital content; and 

/ rendering the decrypted digital content. 

150. / (Original) The method of claim 144 wherein the encrypted digital 
content package is provided by a content provider authorized by a root source to provide the 
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package, wherein the root source has a public key (PU-R) and ia private key (PR-R) and 
wherein the first digital signature is a signed certificate containing the content provider public 
key (PU-C) and signed by the root source private key (PR-^6 (i.e., (CERT (PU-C) S (PR- 

R))). 

151. (Original) The method of clsfim 134 wherein the digital license is 
provided by a license provider having a public key (I^U-L) and a private key (PR-L), and 
wherein the second key is (PU-L). 

152. (Original) The method^ of claim 151 wherein the second digital 
signature is a digital signature encrypted with tjae license provider private key (i.e., (S (PR- 
L))). 

153. (Original) The method of claim 152 wherein the digital content 
package is provided by a content providermaving a public key (PU-C) and a private key (PR- 
C), wherein the license has a certificate containing the license provider public key (PU-L) 
and signed by the content provider pri/ate key (PR-C) (i.e., (CERT (PU-L) S (PR-C))), and 
wherein deriving (PU-L) comprises^ 

deriving (PU-C) from a source available to the device; 
obtaining /CERT (PU-L) S (PR-C)) from the license; and 
applyin§/(PU-C) to (CERT (PU-L) S (PR-C)) to validate (CERT (PU- 
L) S (PR-C)), to produce (PU/L) and also to validate the content provider. 

154. (Original) The method of claim 153 wherein the encrypted digital 
content is decryptable according to a decryption key (KD), wherein the first digital signature 
is based on the content provider public key (PU-C) encrypted with the decryption key (KD) 
and is signed by the extent provider private key (PR-C) (i.e., (KD (PU-C) S (PR-C))), and 
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wherein deriving (PU-C) comprises: / 

deriving (KD) from a source available toahe device; 
applying (KD) to (KD (PU-C) S (PR-£)) to produce (PU-C). 

155. (Original) The method of claim 1 54 wherein the device has a 
public key (PU-D) and a private key (PR-D), wherein me license has the decryption key (KD) 
encrypted with the device public key (PU-D) (i.e.,(BU-D (KD))), and wherein deriving (KD) 
comprises: / 

obtaining (PU-D (KD)) from the license; 
applying (PR-D) to (Pt?-D (KD)) to produce (KD). 

156. (Original) The method of claim 155 wherein the license has a 
license rights description specifying terms and conditions that must be satisfied before the 
digital content may be rendered, the license rights description being encrypted with the 
decryption key (KD) (i.e., (KD (DRL))), the method further comprising applying (KD) to 
(KD(DRL)) to obtain the license /erms and conditions. 

157. (Original) The method of claim 155 wherein the license has a 
license rights description specifying terms and conditions that must be satisfied before the 
digital content may be rendered, the method further comprising: 

evaluating the license terms and conditions to determine whether the 
digital content is permitted to be rendered in the manner sought; 

/ if so, applying (KD) to the encrypted digital content to decrypt such 
encrypted digital content; and 

/ rendering the decrypted digital content. 
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Amendments to the Drawings 

In response to the Notice of Draftsperson's Patent Drawing Review (Form PTO 948), 
attached are 12 sheets of drawings including margin changes to Figures 1, 2, 4, 5 A, 7, 1 1, and 
12, and font size changes to Figure 12. The 12 attached drawing sheets replace the original 
12 drawing sheets filed with the application. 
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